It seems like there’s a new local zero-day exploit that grants admin privileges on Windows almost every day, and today is no exception. A researcher publicly disclosed a vulnerability that lets anyone with standard privileges open a command prompt with SYSTEM level access.
With this vulnerability, threat actors could use the elevated command prompt to escalate their privileges and gain far more access than they’re meant to have. The exploit works against systems running Windows 10, Windows 11, and Windows Server 2022.
The exploit was discovered by researcher Abdelhamid Naceri and published on GitHub. To verify the issue, BleepingComputer tested it on a Windows PC running Windows 10 21H1 build 19043.1348 and found that it “only took a few seconds to gain SYSTEM privileges from a test account with ‘Standard’ privileges.”
When asked by BleepingComputer why he chose to publicly disclose the vulnerability instead of reporting it to Microsoft’s bug bounty program, he cited massively decreased payouts for reporting issues. “Microsoft bounties has been trashed since April 2020, I really wouldn’t do that if MSFT didn’t take the decision to downgrade those bounties,” explained Naceri.
As this is a local exploit, the person would need to access your computer in person. However, as mentioned, it only takes a few seconds for them to get elevated access, so they won’t need to have the machine for long. This is an issue you’ll want to watch out for, so make sure to download the patch as soon as Microsoft makes one available.